# Create a VPC for our infrastructure
resource "alicloud_vpc" "vpc" {
  vpc_name   = "fungo-vpc"
  cidr_block = "172.16.0.0/12"
}

# Create a vSwitch for resources
resource "alicloud_vswitch" "vswitch" {
  vswitch_name = "fungo-vswitch"
  vpc_id       = alicloud_vpc.vpc.id
  cidr_block   = "172.16.0.0/21"
  zone_id      = "cn-beijing-h"
}

# Create security group
resource "alicloud_security_group" "default" {
  name   = "fungo-security-group"
  vpc_id = alicloud_vpc.vpc.id
}

# Allow HTTP traffic
resource "alicloud_security_group_rule" "allow_http" {
  type              = "ingress"
  ip_protocol       = "tcp"
  policy            = "accept"
  port_range        = "80/80"
  security_group_id = alicloud_security_group.default.id
  cidr_ip           = "0.0.0.0/0"
}

# Allow HTTPS traffic
resource "alicloud_security_group_rule" "allow_https" {
  type              = "ingress"
  ip_protocol       = "tcp"
  policy            = "accept"
  port_range        = "443/443"
  security_group_id = alicloud_security_group.default.id
  cidr_ip           = "0.0.0.0/0"
} 